[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: CAN-2004-0488
- From: Anthony Roberts <obsd-misc-aroberts_(_at_)_shaw_(_dot_)_ca>
- Date: Sat, 12 Jun 2004 19:58:21 -0600
"Stack-based buffer overflow in the
ssl_util_uuencode_binary function in ssl_util.c for
Apache mod_ssl, when mod_ssl is configured to trust
the issuing CA, may allow remote attackers to execute
arbitrary code via a client certificate with a long
Do ProPolice or W^X impact this?
One assumes that if the buffer in question is on the stack ProPolice will catch it...